package com.haierp.controller;

import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import com.haierp.service.impl.ReactVersionServiceImpl;
import com.haierp.util.JsonResult;
import com.wangzhixuan.commons.base.BaseController;
import com.wangzhixuan.commons.csrf.CsrfToken;
import com.wangzhixuan.commons.shiro.ShiroUser;
import com.wangzhixuan.commons.utils.StringUtils;

/**
 * 
 * @author zhulu
 *
 */
@Controller
public class HaiLoginController extends BaseController {

	@Autowired
	private ReactVersionServiceImpl reactVersionService;
	
	  /**
     * POST 登录 shiro 写法
     *
     * @param username 用户名
     * @param password 密码
     * @return {Object}
     */
//    @PostMapping("/haiLogin")
	@RequestMapping("/haiLogin/login")
    @CsrfToken(remove = true)
    @ResponseBody
    public Object loginPost(HttpServletRequest request, String username, String password,
            @RequestParam(value = "rememberMe", defaultValue = "1") Integer rememberMe) {
        logger.info("POST请求登录");
        String loginIp = request.getRemoteAddr();
        // 改为全部抛出异常，避免ajax csrf token被刷新
        if (StringUtils.isBlank(username)) {
            throw new RuntimeException("用户名不能为空");
        }
        if (StringUtils.isBlank(password)) {
            throw new RuntimeException("密码不能为空");
        }
        Subject user = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        // 设置记住密码
        token.setRememberMe(1 == rememberMe);
        JsonResult<String> result = new JsonResult<>();
        try {
            user.login(token);
            ShiroUser one = this.getShiroUser();
            boolean loginFlage = true;
            if(one.getRoles().contains("irhck") && !loginIp.equals("73.157.189.36")){//仓库兼职人员不信任站点登录不可访问
            	loginFlage = false;
            	throw new RuntimeException("无权限登录此网页！");
            }
            return result.buildIsSuccess(loginFlage);
        } catch (UnknownAccountException e) {
        	e.printStackTrace();
        	return result.buildData("账号不存在！").buildIsSuccess(false);
//            throw new RuntimeException("账号不存在！", e);
        } catch (DisabledAccountException e) {
//            throw new RuntimeException("账号未启用！", e);
        	e.printStackTrace();
        	return result.buildData("账号未启用！").buildIsSuccess(false);
        } catch (IncorrectCredentialsException e) {
//            throw new RuntimeException("密码错误！", e);
            e.printStackTrace();
        	return result.buildData("密码错误！").buildIsSuccess(false);
        } catch (Throwable e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }
	
	
	
	@RequestMapping("/web")
	public String agent(Model model) {
		model.addAttribute("version", reactVersionService.getVersion());
		return "agent";
	}
}
